Changelog
v3.0.6 resolves GHSA-w6c6-c85g-mmv6. This release also adds support for signing with OpenBao-managed keys.
- f1ad3ee Fix DSSE predicate check (GHSA-w6c6-c85g-mmv6) (#4801)
- a09afa9 Handle whitespace-only certificate annotation (#4760)
- 5a38a6d fix(sign): closing SignerVerifier too early when signing with a security key (#4761)
- 2290a59 Disallow --new-bundle-format and --rfc3161-timestamp (#4762)
- 36f4008 support managed keys in conformance testing (#4728)
- 3274cf9 Add support for GCE metadata server env var (#4732)
- 2e9754a fix: preserve per-layer annotations in WriteAttestationsReferrer (#4709)
- dece275 Fix parsing of in-toto for string predicates
- bd4f0fd Mark batch of flags for deprecation (#4698)
- 9b259ff disallow key and cert identity being used together during verification (#4636)
- 95eb1c3 support key creation in GitLab group (#4704)